Information gathering:
(multi) http://www.subnetonline.com/
(multi) http://ping.eu/
(multi) http://serversniff.net/
(multi) http://www.yougetsignal.com/
(whois,dns_tools,domain_search) http://www.whois.ws/
(whois,dns_tools) http://www.robtex.com/
(whois) http://www.ripn.net:8080/nic/whois
(domain_search) http://searchdns.netcraft.com/
(iplookup,BGP AS lookup) http://bgp.he.net/
(ASN search) http://fixedorbit.com/search.htm
(dns,whois, network lookup, ...) www.network-tools.com
Exploit Search:
(google engine) http://exploitsearch.com/
(nvd,osvdb,metasploit,...) http://www.exploitsearch.net/
(engine) http://shodan.surtri.com/
http://www.hack0wn.com/advisories.php
http://www.1337day.com/
http://www.exploit-db.com/
http://securityvulns.com/
http://www.zerodayin...ries/published/
http://seclists.org/fulldisclosure/
https://web.nvd.nist...ln/search?cid=3
http://www.cvedetails.com/
http://routerpwn.com/
Scanning networks,web structures,..
(nmap,openvas,sqlix,sqlmap,nikto,sub_domain) http://hackertarget.com/
(nmap,traceroute,whois) http://hackerfantastic.com/
(structure) http://madnet.name/tools/madss/
(SQLi,XSS,..) http://hackvertor.co.uk/public
(structure) http://sucuri.net/index.php?page=scan
(Drupal Vulnerability Scanner) http://raz0r.name/drupalscan/
(Joomla scanner) https://www.joomlascan.com/
(Cross Site Scripting Scanner) http://xss-scanner.com/
(SQLi) http://www.be007.gig...ner/scanner.php
(SQLi) http://scanner.drie88.tk/
(SQLi) http://www.localvn.b...Shop/SQLI-Scan/
(SQLi) http://wolfscps.com/gscanner.php
Hack tools store: http://hackarmoury.com/tools
XSS Guide:
http://ha.ckers.org/xss.html
http://utf-8.jp/public/jjencode.html
http://0x416d73.name/jstb/
SQL Injection Guide
http://ha.ckers.org/sqlinjection/
http://pentestmonkey.net/cheat-sheets/
Nmap5: http://sbdtools.goog...heet eng v1.pdf
Browser test:
http://www.browserscope.org/
Encode/Decode:
http://www.crypo.com/
http://coderstoolbox.net/string/
http://www.showmycode.com/
Shellcode to exe:
http://sandsprite.com/shellcode_2_exe.php
Wordlists:
http://contest-2010.korelogic.com/wordlists.html
http://packetstormsecurity.com/Crackers/wordlists/
https://wiki.skullsecurity.org/Passwords
http://www.ericheitzman.com/passwd/passwords/
Hashcrack:
(lm,ntlm,md5,mysql/3/4) http://hashcrack.com/
(md5,sha1) http://md5.rednoize.com/
(md5,lm) http://www.c0llision.net/webcrack.php
(md5) http://md5cracker.tk/
(md5) http://www.hashchecker.de/
(md5) http://askcheck.com/
(md5) http://www.kinginfet.net/md5_cracker/
(lm) http://lmcrack.com/
(lm) http://cracker.offensive-security.com/
(md5) http://gdataonline.com/seekhash.php
(md5) http://opencrack.hashkiller.com/
(md5) http://cracker.fox21.at/
(md5) http://md5crack.com/
(md5) http://md5decryption.com/
(md5) http://hash.insidepro.com/
(md5) http://md5decrypter.com/
(md5) http://md5pass.info/
(md5) http://crackfor.me/
(md5) http://www.xmd5.org/
(md5) http://socialware.ru/md5_crack.php
(md5) http://www.md5cracker.com/
(md5) http://www.md5decrypter.co.uk/
(md5) http://md5.noisette.ch/
(md5) http://www.hashhack.com
(WebSphere) http://www.sysman.nl/wasdecoder/
(SHA1/MD5 hash cracker on ATI and NVIDIA GPUs) http://www.golubev.com/hashgpu.htm
Analysis Malware:
(AV) http://www.virustotal.com/
(AV) http://www.virscan.org/
(AV) http://virusscan.jotti.org/
(behavior analysis) http://anubis.iseclab.org/
http://www.netscty.com/malware-tool
(javascript,flash) http://wepawet.cs.ucsb.edu/
info
Bagikan
useful websites for a pentest
4/
5
Oleh
Unknown
